Claims 



1 . A system for encrypting packets on a network comprising: 

A. a plurality of network nodes; 

B. a communication channel between said plurality of network nodes; 

C. one or more packets sent between said plurality of network nodes over said 
communication channel; 

D. wherein said one or more packets contain an encryption key identifier and a payload; 

E. one or more encryption keys stored on one or more of said plurality of network 
nodes; and 

F. a system for encrypting said payload based on said encryption key identifier and said 
one or more encryption keys. 
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[c2] 



2. A system for encrypting packets on a network as recited in claim 1 , wherein said 
payload is only partially encrypted. 

[c3] 

3. A system for encrypting packets on a network as recited in claim 1 , wherein said one 
or more packets contains a destination address. 

[c4] 

4. A system for encrypting packets on a network as recited in claim 1 , wherein said 
encryption key identifier contains a value indicating "no encryption". 

[c5] 

5. A system for encrypting packets on a network as recited in claim 4, wherein 
information external to the said payload is used to select said encryption key identifier. 

[c6] 

6. A system for encrypting packets on a network as recited in claim 1 , wherein said 
payload further comprises one or more fields that are used to select said encryption key 
identifier. 
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[c7] 



7. A system for encrypting packets on a network as recited in claim 6, wherein said one 
or more fields are selected from the group consisting of a socket, a protocol identifier, a 
node address, a network address, a sub-network address, a service type, and a packet 
identifier. 

[c8] 

8. A system for encrypting packets on a network as recited in claim 6, wherein said one 
or more fields are selected from the group consisting of the application layer, the 
presentation layer, the session layer, the transport layer, the network layer, the data link 
layer, and the physical layer. 

[c9] 

9. A system for encrypting packets on a network as recited in claim 1 , wherein said 
communication channel is a network selected from the group consisting of a wireless 
network, a light frequency network, a power line network, an acoustic network and a 
wired network. 

[clO] 

10. A system for decrypting packets on a network comprising: 
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A. a plurality of network nodes; 

B. a communication channel between said plurality of network nodes; 

C. one or more packets sent between said plurality of network nodes over said 
communication channel; 

D. wherein said one or more packets further comprises an encryption key identifier and 
a payload; 

E. one or more encryption keys stored on one or more of said plurality of network 
nodes; and ' 

F. a system for decrypting said payload based on said encryption key identifier and said 
one or more encryption keys. 

[ell] 

11. A system for decrypting packets on a network as recited in claim 1 0, wherein said 
payload is only partially decrypted. 

[cl2] 
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1 2. A system for decrypting packets on a network as recited in claim 1 0, wherein said 
one or more packets further comprises a destination address. 

[cl3] 

1 3. A system for decrypting packets on a network as recited in claim 1 0, wherein said 
communication channel is a network selected from the group consisting of, a wireless 
network, a light frequency network, a power line network, an acoustic network and a 
wired network. 

[cl4] 

14. A system for encrypting packets on a network comprising: 

A. a plurality of network nodes; 

B. a communication channel between said plurality of network nodes; 

C. one or more packets forming a packet group which are sent on said communication 
channel between said plurality of network nodes; 

D. said packet group further comprising an encryption key identifier and a payload; 
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E. one or more encryption keys for occurrences of said encryption key identifier; and 

F. a system for encrypting said payload based on said encryption key identifier and said 
one or more encryption keys. 

[CIS] 

1 5. A system for encrypting packets on a network as recited in claim 14, wherein said 
payload is only partially encrypted. 

[cl6] 

16. A system for encrypting packets on a network as recited in claim 14, wherein said 
one or more packets further comprises a destination address. 

[cl7] 

1 7. A system for encrypting packets on a network as recited in claim 14, wherein said 
encryption key identifier further comprises a value indicating "no encryption". 

[cl8] 
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1 8. A system for encrypting packets on a network as recited in claim 1 7, wherein 
information external to the packet payload is used to select said encryption key 
identifier. 

[cl9] 



19. A system for encrypting packets on a network as recited in claim 14, wherein said 
payload further comprises one or more fields that are used to select said encryption key 
identifier. 

[c20] 



20. A system for encrypting packets on a network as recited in claim 19, wherein said 
field is selected from the group consisting of a socket, a protocol identifier, a node 
address, a network address, a sub-network address, a service type, and a packet 
identifier. 

[c21] 

21 . A system for encrypting packets on a network as recited in claim 1 9, wherein said 
field is selected from the group consisting of the application layer, the presentation 
layer, the session layer, the transport layer, the network layer, the data link layer, and 
the physical layer. 

[c22] 
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22. A system for encrypting packets on a network as recited in claim 14, wherein said 
communication channel is a network selected from the group consisting of, a wireless 
network, a light frequency network, a power line network, an acoustic network and a 
wired network. 

23. A system for decrypting packets on a network comprising: 

A. a plurality of network nodes; 

B. a communication channel between said plurality of network nodes; 

C. one or more packets forming a packet group which are sent on said communication 
channel between said plurality of network nodes; 

D. said packet group further comprising an encryption key identifier and a payload; 

E. one or more encryption keys; and 
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F. a system for decrypting said payload based on said encryption key identifier and said 
one or more encryption keys. 

[c24] 

24. A system for decrypting packets on a network as recited in claim 23, wherein said 
payload is only partially decrypted. 

[c25] 

25. A system for decrypting packets on a network as recited in claim 23, wherein said 
one or more packets further comprising a destination address. 

[c26] 

26. A system for encrypting packets on a network as recited in claim 23, wherein 
communication channel is a network selected from the group consisting of, a wireless 
network, a light frequency network, a power line network, an acoustic network and a 
wired network. 

[c27] 

27. A method for encrypting packets on a network comprising: 

A. selecting an encryption key and an associated encryption key identifier; 
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B. encrypting data to form a payload using said encryption key; 



C. building a packet comprising said payload and said encryption key identifier; and 

D. sending said packet from a sending network node across a communication channel. 

[c28] 

28. A method for encrypting packets on a network as recited in claim 27, wherein said 
packet is build with a payload that is partially encrypted. 

[c29] 

29. A method for encrypting packets on a network as recited in claim 27, wherein said 
packet is built further comprising a destination address. 

[c30] 

30. A method for encrypting packets on a network as recited in claim 27, wherein said 
packet is built with an encryption key identifier which indicates no encryption. 

[c31] 
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31 . A method for encrypting packets on a network as recited in claim 30, wherein 
selection of said encryption key identifier is based on information external to said 
payload. 

[c32] 

32. A method for encrypting packets on a network as recited in claim 27, wherein 
selection of said encryption key identifier is based on information within said payload. 

[c33] 

33. A method for encrypting packets on a network as recited in claim 32, wherein 
selection of said encryption key identifier is based on fields within said payload selected 
from the group consisting of a socket, a protocol identifier, a node address, a network 
address, a sub-network address, a service type, and a packet identifier. 

[c34] 

34. A method for encrypting packets on a network as recited in claim 27, wherein 
selection of said encryption key identifier is based on protocol layers within said payload 
selected from the group consisting of the application layer, the presentation layer, the 
session layer, the transport layer, the network layer, the data link layer, and the physical 
layer. 
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[c35] 



35. A method for encrypting packets on a network as recited in claim 27, wherein said 
packet is sent on communication channel selected from the group consisting of a 
wireless network, a light frequency network, a power line network, an acoustic network 
and a wired network. 

[c36] 

36. A method for decrypting packets on a network comprising: 

A. receiving a packet on a communication channel wherein said packet further 
comprises an encryption key identifier and a payload; and 

B. decrypting said payload by using an encryption key which is indicated by said 
encryption key identifier. 

[c37] 

37. A method for decrypting packets on a network as recited in claim 36, wherein only 
part of said payload is decrypted. 

[c38] 
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38. A method for decrypting packets on a network as recited in claim 36, wherein said 
packet further comprises a destination address. 

[c39] 

39. A method for decrypting packets on a network as recited in claim 36, wherein said 
packet is received on a communication channel selected from the group consisting of a 
wireless network, a light frequency network, a power line network, an acoustic network 
and a wired network. 

[c40] 

40. A method for encrypting packets on a network comprising: 

A. selecting an encryption key and an associated encryption key identifier; 

B. encrypting data with said encryption key which forms one or more payloads; 

C. building one or more packets which form a packet group from said one or more 
payloads wherein a packet from said packet group further comprises an encryption key 
identifier which identifies said encryption key; and 
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D. sending said packet group from a sending network node across a communication 



channel. 



[c41] 

41 . A method for encrypting packets on a network as recited in claim 40, wherein said 
one or more payloads are partially encrypted. 

[c42] 

42. A method for encrypting packets on a network as recited in claim 40, wherein said 
one or more packets are built with a destination address. 

[C43] 

43. A method for encrypting packets on a network as recited in claim 40, wherein said 
encryption key identifier indicates no encryption. 

[c44] 

44. A method for encrypting packets on a network as recited in claim 43, wherein 
selection of said encryption key identifier is based on information external to said 
payload. 
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[c45] 

45. A method for encrypting packets on a network as recited in claim 40, wherein 
selection of said encryption key identifier is based on information within said payload. 

[c46] 

46. A method for encrypting packets on a network as recited in claim 45, wherein 
selection of said encryption key identifier is based on fields within said payload selected 
from the group consisting of a socket, a protocol identifier, a node address, a network 
address, a sub-network address, a service type, and a packet identifier. 

[C47] 

47. A method for encrypting packets on a network as recited in claim 40, wherein 
selection of said encryption key identifier is based on protocol layers within said payload 
selected from the group consisting of the application layer, the presentation layer, the 
session layer, the transport layer, the network layer, the data link layer, and the physical 
layer. 

[c48] 
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48. A method for encrypting packets on a network as recited in claim 40, wherein said 
packet group is sent on a communication channel selected from the group consisting of 
a wireless network, a light frequency network, an acoustic network, a power line 
network, and a wired network. 

[c49] 

49. A method for decrypting packets on a network comprising: 

A. receiving one or more packets which form a packet group on a communication 
channel wherein said packet group further comprises an encryption key identifier and 
one or more payloads; and 

B. decrypting said one or more payloads using an encryption key which is indicated by 
said encryption key identifier. 

[c50] 

50. A method for decrypting packets on a network as recited in claim 49, wherein only 
part of said one or more payloads is decrypted. 

[c51] 



30 



51 . A method for decrypting packets on a network as recited in claim 49, wherein said 
one or more packets further comprises a destination address. 

52. A method for decrypting packets on a network as recited in claim 49, wherein said 
packet is received on communication channel selected from the group consisting of a 
wireless network, a light frequency network, a power line network, an acoustic network 
and a wired network. 
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